<?php
require_once '../yubiphpbase/appinclude.php';
include 'head.htm';
// Request parameters. All three are caller-controlled: $act selects the
// action, $email is the proposed admin address, and $msg is later written
// into the page, so it must be treated as untrusted text at the point of output.
$act   = getHttpVal('act', '');
$msg   = getHttpVal('msg', '');
$email = getHttpVal('email', '');

// Stop before any account data is read or changed when the session does not
// resolve to a positive user id.
$usrid = getUsrIdFromSession();
if ($usrid <= 0) {
	echo TIMEDOUT;
	exit;
}

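// Handle the "chg_pref" action: update the admin email and the per-client
// validation settings, optionally issuing a new API key.
//
// NOTE(review): no anti-CSRF token is checked in this handler, and it is not
// visible here whether getHttpVal() also accepts GET parameters. This request
// can switch off signature/ownership checks and rotate the API secret, so a
// per-session token check belongs here once the shared include provides one.
if ($act === 'chg_pref') {
	$msg = 'Account updated';

	// Column name => form field name for the on/off settings.
	$flagColumns = array(
		'chk_sig' => 'chk_sig',
		'self_provision' => 'chk_auto_provision',
		'complete_auth' => 'chk_complete_auth',
		'chk_owner' => 'chk_owner',
	);

	if (!validEmail($email)) {
		$msg = 'Invalid admin email, check input and try again?';
	} elseif ($email != $_SESSION['email'] && getClientByEmail($email) > 0) {
		$msg = 'Sorry, the email is used by another client!';
	} else {
		$assignments = array('email=' . mysql_quote($email));
		$flagsValid = true;

		// These values are concatenated into the statement without quotes, so
		// only the two values the form offers are accepted. getHttpVal() is not
		// visible here; this does not rely on it sanitising anything. Anything
		// else is rejected rather than coerced, so malformed input can never
		// silently turn a check off.
		foreach ($flagColumns as $column => $field) {
			$raw = getHttpVal($field, 0);
			if (!is_scalar($raw) || !in_array((string) $raw, array('0', '1'), true)) {
				$flagsValid = false;
				break;
			}
			$assignments[] = $column . '=' . (int) $raw;
		}

		if (!$flagsValid) {
			$msg = 'Invalid option value, check input and try again?';
		} else {
			$regen = getHttpVal('regen_apikey', 0);
			if (is_scalar($regen) && (int) $regen > 0) {
				$newApiKey = genAPIKey();
				$assignments[] = 'secret=' . mysql_quote($newApiKey);
				// The new key is shown once, in the status message.
				$msg = 'The new API key is: ' . $newApiKey;
			}

			// The client id comes from the session; the cast keeps the WHERE
			// clause numeric regardless of how the value was stored.
			$clientId = (int) $_SESSION['client'];
			$stmt = 'UPDATE clients SET ' . implode(', ', $assignments) .
				' WHERE id=' . $clientId;

			if ($clientId > 0 && query($stmt)) {
				$_SESSION['email'] = $email;
			} else {
				// Also replaces the "new API key" message: the key was not saved.
				$msg = 'Failed to change admin email, check input and try again?';
			}
		}
	}
} // End chg_pref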

// Redisplay the values held for the logged-in client, not the submitted
// ones: the email from the session and the settings row for the session's
// client id.
$clientId = $_SESSION['client'];
$email = $_SESSION['email'];
$ci = getClientInfo($clientId);
?>

<title>Yubikey Admin - Edit Account Information</title>

<body>

<div align=left id="E" style=background:#eeeeee;>

<table border=0>

<tr><td align=center valign=top colspan=3>
<h2>Edit Account Information</h2>
<form name=chg_pref id=chg_pref method=POST action=edit_prefs.php>
</td></tr>

<tr><td align=center colspan=3>
<?php
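if (strlen($msg) > 0) {
	// $msg may be the raw "msg" request parameter read at the top of this
	// page, so it is HTML-escaped here; written out as-is it would let a
	// crafted link inject markup into the admin page (reflected XSS).
	echo '<font color=red>' . htmlspecialchars($msg, ENT_QUOTES, 'UTF-8') . '</font>';
}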
?>
</td></tr>

<tr><td align=left valign=top>
<b>Admin email:</b> <input name=act type=hidden value=chg_pref>
</td><td valign=top>
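<?php /* $email is stored account data written into a quoted attribute; escape it so a quote or angle bracket in the stored value cannot break out of the attribute. */ ?>
<input name=email value="<?php echo htmlspecialchars($email, ENT_QUOTES, 'UTF-8');?>" maxlength=100 size=50>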
</td><td>
</td></tr>

<tr><td align=left valign=top>
<b>For each<br>validation request:</b>
</td><td valign=top>
<?php /* Pre-select the option matching the stored chk_sig value for this client. */ ?>
<select name=chk_sig>
<option value="0" <?php echo ($ci['chk_sig']==0) ? ' selected' : '';?>>Do not check signature
<option value="1" <?php echo ($ci['chk_sig']==1) ? ' selected' : '';?>>Check signature
</select>
<br>
<?php /* Pre-select the option matching the stored chk_owner value for this client. */ ?>
<select name=chk_owner>
<option value="0" <?php echo ($ci['chk_owner']==0) ? ' selected' : '';?>>Do not check Yubikey ownership
<option value="1" <?php echo ($ci['chk_owner']==1) ? ' selected' : '';?>>Check Yubikey ownership
</select>
</td>
</tr>

<tr><td align=left valign=top>
<b>Auto-Provision:</b>
</td><td valign=top>
<?php /* The form field is chk_auto_provision; the stored column it reflects is self_provision. */ ?>
<select name=chk_auto_provision>
<option value="0" <?php echo ($ci['self_provision']==0) ? ' selected' : '';?>>Disable
<option value="1" <?php echo ($ci['self_provision']==1) ? ' selected' : '';?>>Enable
</select>
</td>
</tr>

<tr><td align=left valign=top>
<b>Complete authentication:</b>
</td><td valign=top>
<?php /* The form field is chk_complete_auth; the stored column it reflects is complete_auth. */ ?>
<select name=chk_complete_auth>
<option value="0" <?php echo ($ci['complete_auth']==0) ? ' selected' : '';?>>Disable
<option value="1" <?php echo ($ci['complete_auth']==1) ? ' selected' : '';?>>Enable
</select>
</td>
</tr>

<tr><td align=left valign=top colspan=2>
<input name=regen_apikey type=checkbox value=1>
<b>Regenerate a new API Key?</b>
</td></tr>

<tr><td height=5></td></tr>

<tr><td align=center colspan=2>
<input type=submit name=sub value="Update" class=buttonLinkO>
</form>
</td></tr>

<tr><td align=center colspan=3>
<p>
<img src=images/close.gif>
<A href="javascript:window.close()">Close this window</A>
</td></tr>
</table>
</div>
